NTFS Access rights problem

Mihai_Cimpoesu · December 1, 2010, 10:02am

Hello all,

I am developing a native mode application (which runs in the same environment as autochk.exe) and I have some problems reseting a file’s permissions.

To reset the permissions I use this functional call:
status = NtSetSecurityObject(handle, DACL_SECURITY_INFORMATION,&SecurDescript);

The problem I am encountering is when I am trying too obtain a handle to the file. I get the status value STATUS_ACCESS_DENIED (0xC0000022) after the call:

status = NtOpenFile(&handle, WRITE_DAC, &ObjectAttributes, &IoStatBlock, FILE_SHARE_VALID_FLAGS, FILE_OPEN_REPARSE_POINT);

The target file has all permissions removed using windows explorer on winxp sp3. The owner of the file is Administrator. The native application I think it runs under the user SYSTEM.

If someone has a better idea on what parameters should I use in this case for NtOpenFile, please feel free to offer your oppinion.

Thank you,
Mihai

Peter_Viscarola_OSR · December 1, 2010, 11:11am

Hmmm… I’m not sure why your allowing sharing (I mean, why WOULD you) but aside from that: Have you tried different access mask values?

Have you tried running this from a command prompt window while the system is running to see if it works from there?

While I’m sure there are plenty of folks here who’ll be happy to try to help, you’d probably have better luck, faster, posting this to NTFSD where all the cool file system kids hang out.

Peter
OSR

Mihai_Cimpoesu · December 1, 2010, 11:39am

I have tried with different access masks, but no luck.
Meanwhile, I’ve managed to open the file with WRITE_OWNER after acquiring SE_RESTORE_PRIVILEGE

thanks for the advice, I will post this on NTFSD

Alex_Grig · December 1, 2010, 1:40pm

If you enable SE_TCB_PRIVILEGE, I think that will bypass any access checks.